RubyGems - cognito_rails - Versions diffs - 1.0.0 → 1.1.0 - Mend

cognito_rails 1.0.0 → 1.1.0

Files changed (13) hide show

checksums.yaml +4 -4
data/lib/cognito_rails/config.rb +5 -1
data/lib/cognito_rails/model.rb +8 -3
data/lib/cognito_rails/password_generator.rb +35 -0
data/lib/cognito_rails/user.rb +1 -1
data/lib/cognito_rails/version.rb +1 -1
data/lib/cognito_rails.rb +1 -0
data/spec/cognito_rails/controller_spec.rb +0 -2
data/spec/cognito_rails/jwt_spec.rb +0 -2
data/spec/cognito_rails/password_generator_spec.rb +28 -0
data/spec/cognito_rails/user_spec.rb +28 -1
data/spec/support/schema.rb +2 -0
metadata +5 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f8bbd85c82670198044b07ac6bd693920201e3911166f1432365bd834e54fafd
-  data.tar.gz: 1c435514395d116f142fb22121bb0bdb7cdb91b46897b48566453e3748ae184d
+  metadata.gz: 1b69f6c8db91a764df6878e0de53feb9879f7509e79bf0d406e6fe9522f96e61
+  data.tar.gz: f44a4f4dfce641e54493730c9f183c9bd2f6a2e73fe4cd0c7a60d084b6d0d09a
 SHA512:
-  metadata.gz: 11bea4faacf98021ee61a6ae2280e4da743fd1e62e68c4dc88681c98f735973ccabc5806261df3e1d22243da42eef7fb3ddc2fc02f5c06677e6291f1e3d9f780
-  data.tar.gz: 26ba725b881ab2333e8ea5823ac199fc4fd430426b85f1f50832d2e9b1985db692615d2543ef7cea6d6a21aa8cddfdc9358194bf0ce30655acb35b0a971a1d90
+  metadata.gz: 17551dd1de906fd5813214f4fdd98bd49f7d4503138cfa5cd9beedc235707dc00b000d356e090a154b7de0c08e692553154b273d50236b31f455903044c97594
+  data.tar.gz: ee07b9c1b821bc601ac2c62d4268392783e5f687da1d9b810d6160f64c5b7f3546ffd7e5998f05a5a03fc2326bd162e338e0be2ceda461d2cae1152072e44ec8

data/lib/cognito_rails/config.rb CHANGED Viewed

@@ -19,7 +19,7 @@ module CognitoRails
       # @!attribute default_user_class [w]
       #   @return [String,nil]
       attr_writer :aws_client_credentials, :skip_model_hooks, :aws_region,
-                  :aws_user_pool_id, :default_user_class
+                  :aws_user_pool_id, :default_user_class, :password_generator
       # @return [Boolean] skip model hooks
       def skip_model_hooks
@@ -49,6 +49,10 @@ module CognitoRails
       def default_user_class
         @default_user_class || (raise 'Missing config default_user_class')
       end
+      def password_generator
+        @password_generator || CognitoRails::PasswordGenerator.method(:generate)
+      end
     end
   end
 end

data/lib/cognito_rails/model.rb CHANGED Viewed

@@ -92,12 +92,17 @@ module CognitoRails
     def init_cognito_user
       return if cognito_external_id.present?
+      cognito_user = User.new(init_attributes)
+      cognito_user.save!
+      self.cognito_external_id = cognito_user.id
+    end
+    def init_attributes
       attrs = { email: email, user_class: self.class }
       attrs[:phone] = phone if respond_to?(:phone)
+      attrs[:password] = password if respond_to?(:password)
       attrs[:custom_attributes] = instance_custom_attributes
-      cognito_user = User.new(attrs)
-      cognito_user.save!
-      self.cognito_external_id = cognito_user.id
+      attrs
     end
     # @return [Array<Hash>]

data/lib/cognito_rails/password_generator.rb ADDED Viewed

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+module CognitoRails
+  class PasswordGenerator
+    NUMERIC = (0..9).to_a.freeze
+    LOWER_CASE = ('a'..'z').to_a.freeze
+    UPPER_CASE = ('A'..'Z').to_a.freeze
+    SPECIAL = [
+      '^', '$', '*', '.', '[', ']', '{', '}',
+      '(', ')', '?', '"', '!', '@', '#', '%',
+      '&', '/', '\\', ',', '>', '<', "'", ':',
+      ';', '|', '_', '~', '`', '=', '+', '-'
+    ].freeze
+    # Generates a random password given a length range
+    #
+    # @param range [Range]
+    # @return [String]
+    def self.generate(range = 8..16)
+      password_length = rand(range)
+      numeric_count = rand(1..(password_length-3))
+      lower_case_count = rand(1..(password_length-(numeric_count+2)))
+      upper_case_count = rand(1..(password_length-(numeric_count + lower_case_count + 1)))
+      special_count = password_length-(numeric_count + lower_case_count + upper_case_count)
+      numeric_characters = numeric_count.times.map { NUMERIC.sample }
+      lower_case_characters = lower_case_count.times.map { LOWER_CASE.sample }
+      upper_case_characters = upper_case_count.times.map { UPPER_CASE.sample }
+      special_characters = special_count.times.map { SPECIAL.sample }
+      (numeric_characters + lower_case_characters + upper_case_characters + special_characters).shuffle.join
+    end
+  end
+end

data/lib/cognito_rails/user.rb CHANGED Viewed

@@ -39,7 +39,7 @@ module CognitoRails
     def initialize(attributes = {})
       attributes = attributes.with_indifferent_access
       self.email = attributes[:email]
-      self.password = SecureRandom.urlsafe_base64 || attributes[:password]
+      self.password = attributes[:password] || Config.password_generator.call
       self.phone = attributes[:phone]
       self.user_class = attributes[:user_class] || Config.default_user_class.constantize
       self.custom_attributes = attributes[:custom_attributes]

data/lib/cognito_rails/version.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 module CognitoRails
   # @return [String] gem version
-  VERSION = '1.0.0'
+  VERSION = '1.1.0'
 end

data/lib/cognito_rails.rb CHANGED Viewed

@@ -15,6 +15,7 @@ module CognitoRails
   autoload :Model
   autoload :User
   autoload :JWT
+  autoload :PasswordGenerator
   # @private
   module ModelInitializer

data/spec/cognito_rails/controller_spec.rb CHANGED Viewed

@@ -1,8 +1,6 @@
 require 'spec_helper'
-# rubocop:disable Metrics/BlockLength
 RSpec.describe CognitoRails::Controller, type: :model do
-  # rubocop:enable Metrics/BlockLength
   include CognitoRails::Helpers
   context 'with an API controller' do

data/spec/cognito_rails/jwt_spec.rb CHANGED Viewed

@@ -2,9 +2,7 @@
 require 'spec_helper'
-# rubocop:disable Metrics/BlockLength
 RSpec.describe CognitoRails::JWT, type: :model do
-  # rubocop:enable Metrics/BlockLength
   before do
     allow(URI).to receive(:open).and_return(double(read: jwks))
   end

data/spec/cognito_rails/password_generator_spec.rb ADDED Viewed

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+require 'spec_helper'
+RSpec.describe CognitoRails::PasswordGenerator do
+  it 'generates a password' do
+    expect(described_class.generate).to be_a(String)
+  end
+  it 'generates a password with the correct length' do
+    1000.times do
+      expect(described_class.generate(8..8).length).to eq(8)
+    end
+  end
+  it 'contains at least one letter, one number, one upper case letter, one symbol' do
+    1000.times do
+      password = described_class.generate
+      expect(password).to match(/[a-z]/)
+      expect(password).to match(/[A-Z]/)
+      expect(password).to match(/[0-9]/)
+      include_symbol = CognitoRails::PasswordGenerator::SPECIAL.any? do |symbol|
+        password.include?(symbol)
+      end
+      expect(include_symbol).to be_truthy
+    end
+  end
+end

data/spec/cognito_rails/user_spec.rb CHANGED Viewed

@@ -2,7 +2,6 @@
 require 'spec_helper'
-# rubocop:disable Metrics/BlockLength
 RSpec.describe CognitoRails::User, type: :model do
   include CognitoRails::Helpers
@@ -83,6 +82,34 @@ RSpec.describe CognitoRails::User, type: :model do
       user.destroy!
     end
+    it 'uses the password generator defined in config' do
+      CognitoRails::Config.password_generator = -> { 'ciao' }
+      expect(CognitoRails::User).to receive(:cognito_client).at_least(:once).and_return(fake_cognito_client)
+      expect(fake_cognito_client).to receive(:admin_create_user).with(
+        hash_including(
+          temporary_password: 'ciao'
+        )
+      )
+      user = User.new(email: sample_cognito_email)
+      user.save!
+    ensure
+      CognitoRails::Config.password_generator = nil
+    end
+    it 'uses the custom password passed as parameter' do
+      expect(CognitoRails::User).to receive(:cognito_client).at_least(:once).and_return(fake_cognito_client)
+      expect(fake_cognito_client).to receive(:admin_create_user).with(
+        hash_including(
+          temporary_password: '12345678'
+        )
+      )
+      user = User.new(email: sample_cognito_email)
+      user.password = '12345678'
+      user.save!
+    end
     it 'saves custom attributes in cognito' do
       expect(CognitoRails::User).to receive(:cognito_client).at_least(:once).and_return(fake_cognito_client)

data/spec/support/schema.rb CHANGED Viewed

@@ -13,6 +13,8 @@ class User < ActiveRecord::Base
   cognito_verify_email
   define_cognito_attribute 'role', 'user'
   define_cognito_attribute 'name', :name
+  attr_accessor :password
 end
 class Admin < ActiveRecord::Base

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cognito_rails
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Mònade
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-03-30 00:00:00.000000000 Z
+date: 2023-04-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -97,10 +97,12 @@ files:
 - lib/cognito_rails/controller.rb
 - lib/cognito_rails/jwt.rb
 - lib/cognito_rails/model.rb
+- lib/cognito_rails/password_generator.rb
 - lib/cognito_rails/user.rb
 - lib/cognito_rails/version.rb
 - spec/cognito_rails/controller_spec.rb
 - spec/cognito_rails/jwt_spec.rb
+- spec/cognito_rails/password_generator_spec.rb
 - spec/cognito_rails/user_spec.rb
 - spec/factories/user.rb
 - spec/spec_helper.rb
@@ -133,6 +135,7 @@ summary: Add Cognito authentication to your Rails API
 test_files:
 - spec/cognito_rails/controller_spec.rb
 - spec/cognito_rails/jwt_spec.rb
+- spec/cognito_rails/password_generator_spec.rb
 - spec/cognito_rails/user_spec.rb
 - spec/factories/user.rb
 - spec/spec_helper.rb